I personally am fine with this.

  • Xylight (Photon dev)OP
    link
    fedilink
    English
    151 year ago

    BTW, any authenticator app works when it tells you to use one. They all use a standard, so it doesn’t matter which one you use.

    • @tool
      link
      English
      41 year ago

      BTW, any authenticator app works when it tells you to use one. They all use a standard, so it doesn’t matter which one you use.

      Eh, it’s a little more nuanced than that, there’re more standards for MFA code generation than just TOTP.

      And even within the TOTP standard, there are options to adjust the code generation (timing, hash algorithm, # of characters in the generated code, etc.) that not all clients are going to support or will be user-configureable. Blizzard’s Battle.net MFA is a good example of that.

      If the code is just your basic 6-digit HMAC/SHA1 30-second code, yeah, odds are almost 100% that your client of choice will support it, but anything other than that I wouldn’t automatically assume that it’s going to work.